authorJacques Vidrine <nectar@FreeBSD.org>2004-03-17 12:18:23 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2004-03-17 12:18:23 +0000
commit0e4e5b966c79797ad0adbe5e5e72c78f9d58881a (patch)
tree3340403862561adee002dbae18a7d62e629650cc
parentb986cdf0645604d6e7b6248092563a31dd55fe28 (diff)
Notes
-rw-r--r--UPDATING3
-rw-r--r--crypto/openssl/crypto/opensslv.h2
-rw-r--r--crypto/openssl/ssl/s3_pkt.c8
-rw-r--r--sys/conf/newvers.sh2
4 files changed, 13 insertions, 2 deletions
diff --git a/UPDATING b/UPDATING
index 32e7d460f81e..fffef26cdbdc 100644
--- a/UPDATING
+++ b/UPDATING
@@ -13,6 +13,9 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20040317: p16 FreeBSD-SA-04:05.openssl
+ Correct a denial-of-service vulnerability in OpenSSL.
+
20040315: p15 FreeBSD-SA-04:04.tcp
Limit TCP segment reassembly queue size.
diff --git a/crypto/openssl/crypto/opensslv.h b/crypto/openssl/crypto/opensslv.h
index 396ae7b3dced..ea6581c17a06 100644
--- a/crypto/openssl/crypto/opensslv.h
+++ b/crypto/openssl/crypto/opensslv.h
@@ -26,7 +26,7 @@
* major minor fix final patch/beta)
*/
#define OPENSSL_VERSION_NUMBER 0x0090701fL
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7a Feb 19 2003"
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7a-p1 Feb 19 2003"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/openssl/ssl/s3_pkt.c b/crypto/openssl/ssl/s3_pkt.c
index 3f88429e79a6..9f3e5139ad97 100644
--- a/crypto/openssl/ssl/s3_pkt.c
+++ b/crypto/openssl/ssl/s3_pkt.c
@@ -1085,6 +1085,14 @@ start:
goto err;
}
+ /* Check we have a cipher to change to */
+ if (s->s3->tmp.new_cipher == NULL)
+ {
+ i=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+ goto err;
+ }
+
rr->length=0;
if (s->msg_callback)
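Review bot: The error raised by the new NULL check is tagged `SSL_F_SSL3_GET_CERT_VERIFY`, which names a handshake routine rather than anything in s3_pkt.c, so the error queue will send whoever triages a rejected early ChangeCipherSpec to the wrong function. The enclosing function starts and ends outside the hunk (the header shows only the `start:` label), but if it is the record-layer read routine, as the file suggests, the line should read `SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY);`. Separately, the alert value is stored in `i` before `goto err`, and the `err` label is not visible here, so it is worth confirming that this path actually sends `SSL_AD_UNEXPECTED_MESSAGE` to the peer instead of only returning an error locally.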
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 6b924c593639..d1a3ea676ab1 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="5.1"
-BRANCH="RELEASE-p15"
+BRANCH="RELEASE-p16"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"